Skip to main content

Foxit PDF Editor EUVDEUVD-2026-42194

| CVE-2026-57247 HIGH
Use After Free (CWE-416)
2026-07-08 Foxit GHSA-v6wf-mgv3-6mx5
7.8
CVSS 3.1 · Vendor: Foxit
Share

Severity by source

Vendor (Foxit) PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vuln.today AI
6.1 MEDIUM

Local malicious-file vector needing user to open the PDF (AV:L/UI:R, PR:N); described outcome is an illegal read and crash so A:H with only possible limited memory disclosure (C:L) and no integrity impact.

3.1 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
4.0 AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (Foxit).

CVSS VectorVendor: Foxit

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Jul 08, 2026 - 09:03 vuln.today

DescriptionCVE.org

The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing.

AnalysisAI

Use-after-free during PDF field processing in Foxit PDF Editor and Foxit PDF Reader allows a crafted document to delete the current page and then reuse now-dangling field objects, causing an illegal memory read and application crash. Affects Foxit PDF Editor through 14.0.4 / 2026.1.1 and Foxit PDF Reader through 2026.1.1; exploitation requires a user to open a malicious PDF. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Craft malicious PDF with abusive field structure
Delivery
Deliver via email or web to victim
Exploit
Victim opens file in Foxit PDF Editor/Reader
Execution
Field processing deletes current page
Persist
Dangling field objects dereferenced (use-after-free)
Impact
Illegal memory read crashes application (DoS)

Vulnerability AssessmentAI

Exploitation Exploitation requires the victim to open a maliciously crafted PDF whose document structure causes field processing to re-enter and delete the current page while field objects captured beforehand are still in use (CVSS UI:R confirms mandatory user interaction; AV:L confirms a local file-open vector). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The published CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H = 7.8) reflects a local, low-complexity, unauthenticated-but-user-interaction-required issue. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker emails or hosts a specially crafted PDF whose form/field structure triggers deletion of the current page during field processing; when the victim opens it in a vulnerable Foxit PDF Editor or Reader, the application dereferences freed field objects and reads illegal memory, crashing the process (denial of service, with potential for limited memory disclosure or further corruption). No public exploit code was identified at time of analysis, and success depends on the local user interaction (opening the file) reflected in the CVSS UI:R metric.
Remediation Patch available per vendor advisory: update to the latest fixed release of Foxit PDF Editor and Foxit PDF Reader listed on the Foxit security bulletins page at https://www.foxit.com/support/security-bulletins.html (the input does not specify an exact patched version number, so confirm the fixed build there before deploying). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all Foxit PDF Editor (through 14.0.4/2026.1.1) and Foxit PDF Reader (through 2026.1.1) installations across the organization and document business-critical workflows depending on these products. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-57240 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor lets a crafted PDF containing JavaScript trigg

CVE-2026-13126 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1/14.0.4 and earlier) allows

CVE-2026-13127 HIGH
7.8 Jul 08

Denial-of-service (and potential memory-corruption) in Foxit PDF Editor (≤14.0.4 / ≤13.2.4 / ≤2026.1.1) and Foxit PDF Re

CVE-2026-13128 HIGH
7.8 Jul 08

Denial-of-service in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1 and earlier) occurs when a victim opens a

CVE-2026-13129 HIGH
7.8 Jul 08

Memory corruption in Foxit PDF Reader and Foxit PDF Editor (versions 2026.1.1, 13.2.4, 14.0.4 and earlier) allows attack

CVE-2026-57238 HIGH
7.8 Jul 08

Memory corruption in Foxit PDF Reader and Foxit PDF Editor allows a crafted PDF to trigger a use-after-free through the

CVE-2026-57242 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Reader (2026.1.1 and earlier) and Foxit PDF Editor (through 14.0.4, 13.2.4

CVE-2026-57245 HIGH
7.8 Jul 08

Memory corruption in Foxit PDF Reader (≤2026.1.1) and Foxit PDF Editor (≤14.0.4, ≤13.2.4, and ≤2026.1.1) allows an attac

CVE-2026-57246 HIGH
7.8 Jul 08

Memory-corruption (buffer overflow) in Foxit PDF Reader and Foxit PDF Editor arises when the digital-signature plugin pr

CVE-2026-57248 HIGH
7.8 Jul 08

Memory-corruption crash (and potential code execution) in Foxit PDF Reader and Foxit PDF Editor occurs when a PDF's embe

CVE-2026-57249 HIGH
7.8 Jul 08

Use-after-free memory corruption in Foxit PDF Editor and Foxit PDF Reader allows a crafted PDF to crash the application

CVE-2026-57251 HIGH
7.8 Jul 08

Denial of service in Foxit PDF Editor and Foxit PDF Reader arises when the application renders a PDF containing cloud-st

Share

EUVD-2026-42194 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy